Are you over 18 and want to see adult content?
More Annotations

A complete backup of spielzeug-guenstig.de
Are you over 18 and want to see adult content?

A complete backup of nationalrealtyfla.com
Are you over 18 and want to see adult content?

A complete backup of cktools-superstore.co.uk
Are you over 18 and want to see adult content?

A complete backup of ax-rechtsanwaelte.de
Are you over 18 and want to see adult content?
Favourite Annotations

A complete backup of sandyssewingcenter.com
Are you over 18 and want to see adult content?

A complete backup of proexpansion.com
Are you over 18 and want to see adult content?

A complete backup of romiromi-yuri.tumblr.com
Are you over 18 and want to see adult content?

A complete backup of thetechedvocate.org
Are you over 18 and want to see adult content?

A complete backup of regalfurniturebd.com
Are you over 18 and want to see adult content?

A complete backup of derechoenzapatillas.org
Are you over 18 and want to see adult content?

A complete backup of fungsiexcellengkap.blogspot.com
Are you over 18 and want to see adult content?
Text
constructed as a
WHAT IS CISCO FIREPOWER? THE INTRODUCTION The flagship firewall of Cisco – the Cisco ASA (Adaptive Security Appliance) and FirePOWER technology (the result acquision of Source Fire company by Cisco in 2013) lied down the foundation of “next generation firewall” line of products in Cisco’s portfolio: ASA FirePOWER Services. This next generation firewall is composed ofwidely
TRUNK PORT CONFIGURATION (CISCO) To restrict the link to carry only specified VLANs use the allowed vlan command. Switch (config)# interface GigabitEthernet 0/0/10. Switch (config-if)# switchport trunk allowed vlan 1,2,3,4. To verify how the trunk port is configured you can issue few show commands: Switch# show run interface GigabitEthernet 0/0/10. PAGP CONFIGURATION (CISCO) PAgP configuration (Cisco) Technology: Switching. Area: Link aggregation. Vendor: Cisco. Software: 12.X , 15.X. Platform: Catalyst platforms. Port Aggregation Protocol (PAgP) is a Cisco proprietary protocol which is used for the automated, logical aggregation of Ethernet switch ports, known as an Ether Channel. There are two modesof PAgP:
CISCO ISE DEPLOYMENT MODELS Cisco ISE Deployment models. Path: Design. Technology: Network Security. Area: Access and Identity Management. Vendor: Cisco. Software: 1.X, 2.X. Platform: ISE Physical Appliance, ISE Virtual Appliance. Cisco Identity Services Engine helps to concentrate all enterprise network identity policies in one place. ISE is a point ofthe network where
CISCO ASA: SECURITY LEVEL AND NAMEIF You can think of it as a security zone thus give it the meaningful name as a best practice. To set the nameif and security level issue following commands: ASA#configure terminal. ASA (config)#interface GigabitEthernet0/0. ASA (config-if)#nameif outside. ASA (config-if)#security-level 10. ASA (config-if)#ip address 192.168.202.201 255.255.255.0. CISCO ASA: SAME SECURITY LEVEL INTERFACE So how the rule number 1 applies? Traffic between equal security level interfaces is by default denied but you can change this behavior. To change this, use command: ASA#configure terminal. ASA (config)#same-security-traffic permit inter-interface. Above commands applies to traffic passing more than one interface (from on toanother).
LACP MODE CONFIGURATION (CISCO) LACP configuration on Cisco switch. Link Aggregation Control Protocol IEEE 802.3ad (LACP) is an open standard of Ethernet link aggregation. LAYER 3 SUBINTERFACE (HUAWEI) Layer 3 subinterface (Huawei) Sub-interfaces are multiple logical interfaces configured on a main (physical) interface to allow to communicate within subnets on a trunk link. Sub-interfaces can share physical layer parameters of their main interface or be configured with their respective link layer parameters and network layerparameters.
TRUNK PORT CONFIG (HUAWEI) Trunk port config (Huawei) Technology: Switching. Area: Neighbor Discovery. Vendor: Huawei. Software: eNSP. Platform: Quidway switches. A trunk interface often connects to a switch, router, AP, or voice terminal that can receive and send tagged and untagged frames simultaneously. It allows tagged frames from multiple VLANs anduntagged frames
SPANNING TREE PROTOCOL (STP) CONFIGURATION The Spanning Tree Protocol (STP) is defined by IEEE standard 802.1D-1988. The STP generates a single spanning tree inside a network. Such mode proved to be useful for supporting applications and protocols in which frames are delivered out of sequence or as duplicates. The topology is named Spanning Tree, because it isconstructed as a
WHAT IS CISCO FIREPOWER? THE INTRODUCTION The flagship firewall of Cisco – the Cisco ASA (Adaptive Security Appliance) and FirePOWER technology (the result acquision of Source Fire company by Cisco in 2013) lied down the foundation of “next generation firewall” line of products in Cisco’s portfolio: ASA FirePOWER Services. This next generation firewall is composed ofwidely
TRUNK PORT CONFIGURATION (CISCO) To restrict the link to carry only specified VLANs use the allowed vlan command. Switch (config)# interface GigabitEthernet 0/0/10. Switch (config-if)# switchport trunk allowed vlan 1,2,3,4. To verify how the trunk port is configured you can issue few show commands: Switch# show run interface GigabitEthernet 0/0/10. PAGP CONFIGURATION (CISCO) PAgP configuration (Cisco) Technology: Switching. Area: Link aggregation. Vendor: Cisco. Software: 12.X , 15.X. Platform: Catalyst platforms. Port Aggregation Protocol (PAgP) is a Cisco proprietary protocol which is used for the automated, logical aggregation of Ethernet switch ports, known as an Ether Channel. There are two modesof PAgP:
CISCO ISE DEPLOYMENT MODELS Cisco ISE Deployment models. Path: Design. Technology: Network Security. Area: Access and Identity Management. Vendor: Cisco. Software: 1.X, 2.X. Platform: ISE Physical Appliance, ISE Virtual Appliance. Cisco Identity Services Engine helps to concentrate all enterprise network identity policies in one place. ISE is a point ofthe network where
CISCO ASA: SECURITY LEVEL AND NAMEIF You can think of it as a security zone thus give it the meaningful name as a best practice. To set the nameif and security level issue following commands: ASA#configure terminal. ASA (config)#interface GigabitEthernet0/0. ASA (config-if)#nameif outside. ASA (config-if)#security-level 10. ASA (config-if)#ip address 192.168.202.201 255.255.255.0. CISCO ASA: SAME SECURITY LEVEL INTERFACE So how the rule number 1 applies? Traffic between equal security level interfaces is by default denied but you can change this behavior. To change this, use command: ASA#configure terminal. ASA (config)#same-security-traffic permit inter-interface. Above commands applies to traffic passing more than one interface (from on toanother).
LACP MODE CONFIGURATION (CISCO) LACP configuration on Cisco switch. Link Aggregation Control Protocol IEEE 802.3ad (LACP) is an open standard of Ethernet link aggregation. LAYER 3 SUBINTERFACE (HUAWEI) Layer 3 subinterface (Huawei) Sub-interfaces are multiple logical interfaces configured on a main (physical) interface to allow to communicate within subnets on a trunk link. Sub-interfaces can share physical layer parameters of their main interface or be configured with their respective link layer parameters and network layerparameters.
TRUNK PORT CONFIG (HUAWEI) Trunk port config (Huawei) Technology: Switching. Area: Neighbor Discovery. Vendor: Huawei. Software: eNSP. Platform: Quidway switches. A trunk interface often connects to a switch, router, AP, or voice terminal that can receive and send tagged and untagged frames simultaneously. It allows tagged frames from multiple VLANs anduntagged frames
GRANDMETRIC
Grandmetric is an ITelco Next Generation Consulting company providing technical and business insights, technical trainings and advanced services specializing inNEWS GRANDMETRIC
GRANDMETRIC ul. Metalowa 5 60-118 Poznań, Poland. Contact form . Home Privacy policy Terms & Conditions Contact Privacy policy Terms &Conditions Contact
DNS SECURITY MALWARE PROTECTION I hereby agree to recieve information about the trainings offer from Grandmetric Sp. z o.o. by the electronic means.CONTACT GRANDMETRIC
GRANDMETRIC ul. Metalowa 5 60-118 Poznań, Poland. Contact form . Home Privacy policy Terms & Conditions Contact Privacy policy Terms &Conditions Contact
GRANDMETRIC ENGINEERS GRANDMETRIC ul. Metalowa 5 60-118 Poznań, Poland. Contact form . Home Privacy policy Terms & Conditions Contact Privacy policy Terms &Conditions Contact
DNS SECURITY OR HOW TO PROTECT USERS WITH CISCO UMBRELLA Protecting DNS, we do not allow undesired domains to transfer information to our users. Cisco Umbrella is a simple and powerful DNSsecurity.
PAGP CONFIGURATION (CISCO) PAgP configuration (Cisco) Technology: Switching. Area: Link aggregation. Vendor: Cisco. Software: 12.X , 15.X. Platform: Catalyst platforms. Port Aggregation Protocol (PAgP) is a Cisco proprietary protocol which is used for the automated, logical aggregation of Ethernet switch ports, known as an Ether Channel. There are two modesof PAgP:
CISCO ISE DEPLOYMENT MODELS Cisco ISE Deployment models. Path: Design. Technology: Network Security. Area: Access and Identity Management. Vendor: Cisco. Software: 1.X, 2.X. Platform: ISE Physical Appliance, ISE Virtual Appliance. Cisco Identity Services Engine helps to concentrate all enterprise network identity policies in one place. ISE is a point ofthe network where
SD-WAN OVERLAY MANAGEMENT PROTOCOL (OMP) The Overlay Management Protocol (OMP) is the protocol responsible for establishing and maintaining the Cisco SD-WAN control plane. It provides the following services: Orchestration of overlay network communication, including connectivity among network sites, service chaining, and VPN topologies. Distribution of service-level routinginformation
GRANDMETRIC-CERTIFICATIONS GRANDMETRIC ul. Metalowa 5 60-118 Poznań, Poland. Contact form . Home Privacy policy Terms & Conditions Contact Privacy policy Terms &Conditions Contact
GRANDMETRIC
Grandmetric is an ITelco Next Generation Consulting company providing technical and business insights, technical trainings and advanced services specializing in PYTHON REST FRAMEWORKS PERFORMANCE COMPARISON TRUNK PORT CONFIGURATION (CISCO) To restrict the link to carry only specified VLANs use the allowed vlan command. Switch (config)# interface GigabitEthernet 0/0/10. Switch (config-if)# switchport trunk allowed vlan 1,2,3,4. To verify how the trunk port is configured you can issue few show commands: Switch# show run interface GigabitEthernet 0/0/10. CISCO ASA: SECURITY LEVEL AND NAMEIF You can think of it as a security zone thus give it the meaningful name as a best practice. To set the nameif and security level issue following commands: ASA#configure terminal. ASA (config)#interface GigabitEthernet0/0. ASA (config-if)#nameif outside. ASA (config-if)#security-level 10. ASA (config-if)#ip address 192.168.202.201 255.255.255.0. LAYER 3 SUBINTERFACE (HUAWEI) Layer 3 subinterface (Huawei) Sub-interfaces are multiple logical interfaces configured on a main (physical) interface to allow to communicate within subnets on a trunk link. Sub-interfaces can share physical layer parameters of their main interface or be configured with their respective link layer parameters and network layerparameters.
SD-WAN OVERLAY MANAGEMENT PROTOCOL (OMP) The Overlay Management Protocol (OMP) is the protocol responsible for establishing and maintaining the Cisco SD-WAN control plane. It provides the following services: Orchestration of overlay network communication, including connectivity among network sites, service chaining, and VPN topologies. Distribution of service-level routinginformation
CISCO ASA: SAME SECURITY LEVEL INTERFACE So how the rule number 1 applies? Traffic between equal security level interfaces is by default denied but you can change this behavior. To change this, use command: ASA#configure terminal. ASA (config)#same-security-traffic permit inter-interface. Above commands applies to traffic passing more than one interface (from on toanother).
TRUNK PORT CONFIG (HUAWEI) Trunk port config (Huawei) Technology: Switching. Area: Neighbor Discovery. Vendor: Huawei. Software: eNSP. Platform: Quidway switches. A trunk interface often connects to a switch, router, AP, or voice terminal that can receive and send tagged and untagged frames simultaneously. It allows tagged frames from multiple VLANs anduntagged frames
DMVPN PHASE 1 SINGLE HUB Packet is sent from Spoke1 to Spoke2 network via Hub (according to routing table) Spoke1 has this prefix via HUB tunnel IP for which has also NHRP static mapping. Hub routes packet to Spoke2 according to routing table via tunnel. DMVPN Phase 1 and EIGRP: Configure spokes as a stubs. Advertise their connected routes. CISCO ASA: HOW TO ENABLE ASDM ACCESS TO ASA To configure ASDM (HTTP) access to Cisco ASA on particular interfaces, where core and management are the nameifs use following commands: ASA (config)#aaa authentication http console LOCAL. ASA (config)#http server enable. ASA (config)#http 0.0.0.0 0.0.0.0 core. Remember to create username, password to be able to authenticate to asdm:GRANDMETRIC
Grandmetric is an ITelco Next Generation Consulting company providing technical and business insights, technical trainings and advanced services specializing in PYTHON REST FRAMEWORKS PERFORMANCE COMPARISON TRUNK PORT CONFIGURATION (CISCO) To restrict the link to carry only specified VLANs use the allowed vlan command. Switch (config)# interface GigabitEthernet 0/0/10. Switch (config-if)# switchport trunk allowed vlan 1,2,3,4. To verify how the trunk port is configured you can issue few show commands: Switch# show run interface GigabitEthernet 0/0/10. CISCO ASA: SECURITY LEVEL AND NAMEIF You can think of it as a security zone thus give it the meaningful name as a best practice. To set the nameif and security level issue following commands: ASA#configure terminal. ASA (config)#interface GigabitEthernet0/0. ASA (config-if)#nameif outside. ASA (config-if)#security-level 10. ASA (config-if)#ip address 192.168.202.201 255.255.255.0. LAYER 3 SUBINTERFACE (HUAWEI) Layer 3 subinterface (Huawei) Sub-interfaces are multiple logical interfaces configured on a main (physical) interface to allow to communicate within subnets on a trunk link. Sub-interfaces can share physical layer parameters of their main interface or be configured with their respective link layer parameters and network layerparameters.
SD-WAN OVERLAY MANAGEMENT PROTOCOL (OMP) The Overlay Management Protocol (OMP) is the protocol responsible for establishing and maintaining the Cisco SD-WAN control plane. It provides the following services: Orchestration of overlay network communication, including connectivity among network sites, service chaining, and VPN topologies. Distribution of service-level routinginformation
CISCO ASA: SAME SECURITY LEVEL INTERFACE So how the rule number 1 applies? Traffic between equal security level interfaces is by default denied but you can change this behavior. To change this, use command: ASA#configure terminal. ASA (config)#same-security-traffic permit inter-interface. Above commands applies to traffic passing more than one interface (from on toanother).
TRUNK PORT CONFIG (HUAWEI) Trunk port config (Huawei) Technology: Switching. Area: Neighbor Discovery. Vendor: Huawei. Software: eNSP. Platform: Quidway switches. A trunk interface often connects to a switch, router, AP, or voice terminal that can receive and send tagged and untagged frames simultaneously. It allows tagged frames from multiple VLANs anduntagged frames
DMVPN PHASE 1 SINGLE HUB Packet is sent from Spoke1 to Spoke2 network via Hub (according to routing table) Spoke1 has this prefix via HUB tunnel IP for which has also NHRP static mapping. Hub routes packet to Spoke2 according to routing table via tunnel. DMVPN Phase 1 and EIGRP: Configure spokes as a stubs. Advertise their connected routes. CISCO ASA: HOW TO ENABLE ASDM ACCESS TO ASA To configure ASDM (HTTP) access to Cisco ASA on particular interfaces, where core and management are the nameifs use following commands: ASA (config)#aaa authentication http console LOCAL. ASA (config)#http server enable. ASA (config)#http 0.0.0.0 0.0.0.0 core. Remember to create username, password to be able to authenticate to asdm:NEWS GRANDMETRIC
GRANDMETRIC ul. Metalowa 5 60-118 Poznań, Poland. Contact form . Home Privacy policy Terms & Conditions Contact Privacy policy Terms &Conditions Contact
GRANDMETRIC ENGINEERS GRANDMETRIC ul. Metalowa 5 60-118 Poznań, Poland. Contact form . Home Privacy policy Terms & Conditions Contact Privacy policy Terms &Conditions Contact
CONTACT GRANDMETRIC
GRANDMETRIC ul. Metalowa 5 60-118 Poznań, Poland. Contact form . Home Privacy policy Terms & Conditions Contact Privacy policy Terms &Conditions Contact
DNS SECURITY OR HOW TO PROTECT USERS WITH CISCO UMBRELLA Protecting DNS, we do not allow undesired domains to transfer information to our users. Cisco Umbrella is a simple and powerful DNSsecurity.
SPANNING TREE PROTOCOL (STP) CONFIGURATION The Spanning Tree Protocol (STP) is defined by IEEE standard 802.1D-1988. The STP generates a single spanning tree inside a network. Such mode proved to be useful for supporting applications and protocols in which frames are delivered out of sequence or as duplicates. The topology is named Spanning Tree, because it isconstructed as a
TRUNK PORT CONFIGURATION (CISCO) Trunk port configuration (Cisco) Technology: Switching. Area: VLAN. Vendor: Cisco. Software: 12.X , 15.X, IP Base, IP Services, LAN Base, LAN Light. Platform: Catalyst 2960-X, Catalyst 3560. Trunk port configuration example to carry the different VLAN tags between two devices on the same physical link. Vendor agnostic technology (IEEE802.1Q)
UMBRELLA TWITTER
I hereby agree to recieve information about the trainings offer from Grandmetric Sp. z o.o. by the electronic means. GRANDMETRIC TECH BLOG GRANDMETRIC ul. Metalowa 5 60-118 Poznań, Poland. Contact form . Home Privacy policy Terms & Conditions Contact Privacy policy Terms &Conditions Contact
GRANDMETRIC-CERTIFICATIONS GRANDMETRIC ul. Metalowa 5 60-118 Poznań, Poland. Contact form . Home Privacy policy Terms & Conditions Contact Privacy policy Terms &Conditions Contact
PAGP CONFIGURATION (CISCO) PAgP configuration (Cisco) Technology: Switching. Area: Link aggregation. Vendor: Cisco. Software: 12.X , 15.X. Platform: Catalyst platforms. Port Aggregation Protocol (PAgP) is a Cisco proprietary protocol which is used for the automated, logical aggregation of Ethernet switch ports, known as an Ether Channel. There are two modesof PAgP:
GRANDMETRIC
Grandmetric is an ITelco Next Generation Consulting company providing technical and business insights, technical trainings and advanced services specializing in SPANNING TREE PROTOCOL (STP) CONFIGURATION The Spanning Tree Protocol (STP) is defined by IEEE standard 802.1D-1988. The STP generates a single spanning tree inside a network. Such mode proved to be useful for supporting applications and protocols in which frames are delivered out of sequence or as duplicates. The topology is named Spanning Tree, because it isconstructed as a
WHAT IS CISCO FIREPOWER? THE INTRODUCTION The flagship firewall of Cisco – the Cisco ASA (Adaptive Security Appliance) and FirePOWER technology (the result acquision of Source Fire company by Cisco in 2013) lied down the foundation of “next generation firewall” line of products in Cisco’s portfolio: ASA FirePOWER Services. This next generation firewall is composed ofwidely
TRUNK PORT CONFIGURATION (CISCO) To restrict the link to carry only specified VLANs use the allowed vlan command. Switch (config)# interface GigabitEthernet 0/0/10. Switch (config-if)# switchport trunk allowed vlan 1,2,3,4. To verify how the trunk port is configured you can issue few show commands: Switch# show run interface GigabitEthernet 0/0/10. CISCO ASA: SAME SECURITY LEVEL INTERFACE So how the rule number 1 applies? Traffic between equal security level interfaces is by default denied but you can change this behavior. To change this, use command: ASA#configure terminal. ASA (config)#same-security-traffic permit inter-interface. Above commands applies to traffic passing more than one interface (from on toanother).
SD-WAN OVERLAY MANAGEMENT PROTOCOL (OMP) The Overlay Management Protocol (OMP) is the protocol responsible for establishing and maintaining the Cisco SD-WAN control plane. It provides the following services: Orchestration of overlay network communication, including connectivity among network sites, service chaining, and VPN topologies. Distribution of service-level routinginformation
CISCO ASA: HOW TO ENABLE ASDM ACCESS TO ASA To configure ASDM (HTTP) access to Cisco ASA on particular interfaces, where core and management are the nameifs use following commands: ASA (config)#aaa authentication http console LOCAL. ASA (config)#http server enable. ASA (config)#http 0.0.0.0 0.0.0.0 core. Remember to create username, password to be able to authenticate to asdm: LACP MODE CONFIGURATION (CISCO) LACP configuration on Cisco switch. Link Aggregation Control Protocol IEEE 802.3ad (LACP) is an open standard of Ethernet link aggregation. SVI CONFIGURATION (CISCO) SVI configuration (Cisco) A Switched Virtual Interface (SVI) is routed interface in IOS representing the IP addressing space for particular VLAN connected to this interface. There is no physical interface for the VLAN and the SVI provides the Layer 3 processing for packets from TRUNK PORT CONFIG (HUAWEI) Trunk port config (Huawei) Technology: Switching. Area: Neighbor Discovery. Vendor: Huawei. Software: eNSP. Platform: Quidway switches. A trunk interface often connects to a switch, router, AP, or voice terminal that can receive and send tagged and untagged frames simultaneously. It allows tagged frames from multiple VLANs anduntagged frames
GRANDMETRIC
Grandmetric is an ITelco Next Generation Consulting company providing technical and business insights, technical trainings and advanced services specializing in SPANNING TREE PROTOCOL (STP) CONFIGURATION The Spanning Tree Protocol (STP) is defined by IEEE standard 802.1D-1988. The STP generates a single spanning tree inside a network. Such mode proved to be useful for supporting applications and protocols in which frames are delivered out of sequence or as duplicates. The topology is named Spanning Tree, because it isconstructed as a
WHAT IS CISCO FIREPOWER? THE INTRODUCTION The flagship firewall of Cisco – the Cisco ASA (Adaptive Security Appliance) and FirePOWER technology (the result acquision of Source Fire company by Cisco in 2013) lied down the foundation of “next generation firewall” line of products in Cisco’s portfolio: ASA FirePOWER Services. This next generation firewall is composed ofwidely
TRUNK PORT CONFIGURATION (CISCO) To restrict the link to carry only specified VLANs use the allowed vlan command. Switch (config)# interface GigabitEthernet 0/0/10. Switch (config-if)# switchport trunk allowed vlan 1,2,3,4. To verify how the trunk port is configured you can issue few show commands: Switch# show run interface GigabitEthernet 0/0/10. CISCO ASA: SAME SECURITY LEVEL INTERFACE So how the rule number 1 applies? Traffic between equal security level interfaces is by default denied but you can change this behavior. To change this, use command: ASA#configure terminal. ASA (config)#same-security-traffic permit inter-interface. Above commands applies to traffic passing more than one interface (from on toanother).
SD-WAN OVERLAY MANAGEMENT PROTOCOL (OMP) The Overlay Management Protocol (OMP) is the protocol responsible for establishing and maintaining the Cisco SD-WAN control plane. It provides the following services: Orchestration of overlay network communication, including connectivity among network sites, service chaining, and VPN topologies. Distribution of service-level routinginformation
CISCO ASA: HOW TO ENABLE ASDM ACCESS TO ASA To configure ASDM (HTTP) access to Cisco ASA on particular interfaces, where core and management are the nameifs use following commands: ASA (config)#aaa authentication http console LOCAL. ASA (config)#http server enable. ASA (config)#http 0.0.0.0 0.0.0.0 core. Remember to create username, password to be able to authenticate to asdm: LACP MODE CONFIGURATION (CISCO) LACP configuration on Cisco switch. Link Aggregation Control Protocol IEEE 802.3ad (LACP) is an open standard of Ethernet link aggregation. SVI CONFIGURATION (CISCO) SVI configuration (Cisco) A Switched Virtual Interface (SVI) is routed interface in IOS representing the IP addressing space for particular VLAN connected to this interface. There is no physical interface for the VLAN and the SVI provides the Layer 3 processing for packets from TRUNK PORT CONFIG (HUAWEI) Trunk port config (Huawei) Technology: Switching. Area: Neighbor Discovery. Vendor: Huawei. Software: eNSP. Platform: Quidway switches. A trunk interface often connects to a switch, router, AP, or voice terminal that can receive and send tagged and untagged frames simultaneously. It allows tagged frames from multiple VLANs anduntagged frames
DNS SECURITY OR HOW TO PROTECT USERS WITH CISCO UMBRELLA Protecting DNS, we do not allow undesired domains to transfer information to our users. Cisco Umbrella is a simple and powerful DNSsecurity.
PAGP CONFIGURATION (CISCO) PAgP configuration (Cisco) Technology: Switching. Area: Link aggregation. Vendor: Cisco. Software: 12.X , 15.X. Platform: Catalyst platforms. Port Aggregation Protocol (PAgP) is a Cisco proprietary protocol which is used for the automated, logical aggregation of Ethernet switch ports, known as an Ether Channel. There are two modesof PAgP:
CISCO ISE DEPLOYMENT MODELS Cisco ISE Deployment models. Path: Design. Technology: Network Security. Area: Access and Identity Management. Vendor: Cisco. Software: 1.X, 2.X. Platform: ISE Physical Appliance, ISE Virtual Appliance. Cisco Identity Services Engine helps to concentrate all enterprise network identity policies in one place. ISE is a point ofthe network where
SVI CONFIGURATION (CISCO) SVI configuration (Cisco) A Switched Virtual Interface (SVI) is routed interface in IOS representing the IP addressing space for particular VLAN connected to this interface. There is no physical interface for the VLAN and the SVI provides the Layer 3 processing for packets from CISCO ASA: UPGRADE AND BOOT Cisco ASA: Upgrade and Boot. Technology: Network Security. Area: Firewalls. Vendor: Cisco. Software: 8.X, 9.X. Platform: Cisco ASA. To upgrade ASA-OS first download new image to disk0: (flash) for example from ftp server. After downloading, list the disk directory and IOS UPGRADE VIA FTP (CISCO) Technology: Setup Area: Setup Vendor: Cisco Software: 12.X , 15.X, IP Base, IP Services, LAN Base, LAN Light Platform: Catalyst 2960-X, Catalyst 3560 The firmware is a program which controls the operation and functionality of the switch. This is a mixture of software and hardware that has program code and data stored in it for EXPLAINED: HOW DOES WIRELESS WORK? Wireless is a way of transporting signals without any wires or optic fibers. Signals propagate through free space in this case. Often, the term wireless, refers to wireless communication. This is a way of transferring information between devices that are not connected withwires.
CISCO SWITCH AND ISE UNIFIED PORT CONFIGURATION Cisco Switch and ISE unified port configuration. The one of main advantages of using central point of network access policy management (Cisco ISE) is possibility of keeping common access ports configuration across the network regardless location, switch type and users connected. To configure the switch to act as a radius client andport to be
DHCP CONFIGURATION ON A CISCO SWITCH Platform: Catalyst 2960, 3560, 3750, 3850, 3650, 4500, 6500, 6800, Router ISR, 7200, ASR. DHCP Server functionality can be enabled on switch where are SVI interfaces or physical Layer 3 interfaces enabled. Example shows how to set DHCP configuration on a server with subnet 192.168.10.0/24. !---- enable SVI -----. Switch (config)#interface VLAN10.
ACCESS PORT CONFIG (HUAWEI) Access port config (Huawei) An access port belongs to and carries the traffic of only one VLAN within 2-layer switch. Traffic is both received and sent in native formats with no VLAN tagging whatsoever. Anything arriving on an access port is simply assumed to belong to the VLAN assigned to the port.GRANDMETRIC
Grandmetric is an ITelco Next Generation Consulting company providing technical and business insights, technical trainings and advanced services specializing in SPANNING TREE PROTOCOL (STP) CONFIGURATION The Spanning Tree Protocol (STP) is defined by IEEE standard 802.1D-1988. The STP generates a single spanning tree inside a network. Such mode proved to be useful for supporting applications and protocols in which frames are delivered out of sequence or as duplicates. The topology is named Spanning Tree, because it isconstructed as a
WHAT IS CISCO FIREPOWER? THE INTRODUCTION The flagship firewall of Cisco – the Cisco ASA (Adaptive Security Appliance) and FirePOWER technology (the result acquision of Source Fire company by Cisco in 2013) lied down the foundation of “next generation firewall” line of products in Cisco’s portfolio: ASA FirePOWER Services. This next generation firewall is composed ofwidely
TRUNK PORT CONFIGURATION (CISCO) To restrict the link to carry only specified VLANs use the allowed vlan command. Switch (config)# interface GigabitEthernet 0/0/10. Switch (config-if)# switchport trunk allowed vlan 1,2,3,4. To verify how the trunk port is configured you can issue few show commands: Switch# show run interface GigabitEthernet 0/0/10. CISCO ASA: SAME SECURITY LEVEL INTERFACE So how the rule number 1 applies? Traffic between equal security level interfaces is by default denied but you can change this behavior. To change this, use command: ASA#configure terminal. ASA (config)#same-security-traffic permit inter-interface. Above commands applies to traffic passing more than one interface (from on toanother).
SD-WAN OVERLAY MANAGEMENT PROTOCOL (OMP) The Overlay Management Protocol (OMP) is the protocol responsible for establishing and maintaining the Cisco SD-WAN control plane. It provides the following services: Orchestration of overlay network communication, including connectivity among network sites, service chaining, and VPN topologies. Distribution of service-level routinginformation
CISCO ASA: HOW TO ENABLE ASDM ACCESS TO ASA To configure ASDM (HTTP) access to Cisco ASA on particular interfaces, where core and management are the nameifs use following commands: ASA (config)#aaa authentication http console LOCAL. ASA (config)#http server enable. ASA (config)#http 0.0.0.0 0.0.0.0 core. Remember to create username, password to be able to authenticate to asdm: LACP MODE CONFIGURATION (CISCO) LACP configuration on Cisco switch. Link Aggregation Control Protocol IEEE 802.3ad (LACP) is an open standard of Ethernet link aggregation. SVI CONFIGURATION (CISCO) SVI configuration (Cisco) A Switched Virtual Interface (SVI) is routed interface in IOS representing the IP addressing space for particular VLAN connected to this interface. There is no physical interface for the VLAN and the SVI provides the Layer 3 processing for packets from TRUNK PORT CONFIG (HUAWEI) Trunk port config (Huawei) Technology: Switching. Area: Neighbor Discovery. Vendor: Huawei. Software: eNSP. Platform: Quidway switches. A trunk interface often connects to a switch, router, AP, or voice terminal that can receive and send tagged and untagged frames simultaneously. It allows tagged frames from multiple VLANs anduntagged frames
GRANDMETRIC
Grandmetric is an ITelco Next Generation Consulting company providing technical and business insights, technical trainings and advanced services specializing in SPANNING TREE PROTOCOL (STP) CONFIGURATION The Spanning Tree Protocol (STP) is defined by IEEE standard 802.1D-1988. The STP generates a single spanning tree inside a network. Such mode proved to be useful for supporting applications and protocols in which frames are delivered out of sequence or as duplicates. The topology is named Spanning Tree, because it isconstructed as a
WHAT IS CISCO FIREPOWER? THE INTRODUCTION The flagship firewall of Cisco – the Cisco ASA (Adaptive Security Appliance) and FirePOWER technology (the result acquision of Source Fire company by Cisco in 2013) lied down the foundation of “next generation firewall” line of products in Cisco’s portfolio: ASA FirePOWER Services. This next generation firewall is composed ofwidely
TRUNK PORT CONFIGURATION (CISCO) To restrict the link to carry only specified VLANs use the allowed vlan command. Switch (config)# interface GigabitEthernet 0/0/10. Switch (config-if)# switchport trunk allowed vlan 1,2,3,4. To verify how the trunk port is configured you can issue few show commands: Switch# show run interface GigabitEthernet 0/0/10. CISCO ASA: SAME SECURITY LEVEL INTERFACE So how the rule number 1 applies? Traffic between equal security level interfaces is by default denied but you can change this behavior. To change this, use command: ASA#configure terminal. ASA (config)#same-security-traffic permit inter-interface. Above commands applies to traffic passing more than one interface (from on toanother).
SD-WAN OVERLAY MANAGEMENT PROTOCOL (OMP) The Overlay Management Protocol (OMP) is the protocol responsible for establishing and maintaining the Cisco SD-WAN control plane. It provides the following services: Orchestration of overlay network communication, including connectivity among network sites, service chaining, and VPN topologies. Distribution of service-level routinginformation
CISCO ASA: HOW TO ENABLE ASDM ACCESS TO ASA To configure ASDM (HTTP) access to Cisco ASA on particular interfaces, where core and management are the nameifs use following commands: ASA (config)#aaa authentication http console LOCAL. ASA (config)#http server enable. ASA (config)#http 0.0.0.0 0.0.0.0 core. Remember to create username, password to be able to authenticate to asdm: LACP MODE CONFIGURATION (CISCO) LACP configuration on Cisco switch. Link Aggregation Control Protocol IEEE 802.3ad (LACP) is an open standard of Ethernet link aggregation. SVI CONFIGURATION (CISCO) SVI configuration (Cisco) A Switched Virtual Interface (SVI) is routed interface in IOS representing the IP addressing space for particular VLAN connected to this interface. There is no physical interface for the VLAN and the SVI provides the Layer 3 processing for packets from TRUNK PORT CONFIG (HUAWEI) Trunk port config (Huawei) Technology: Switching. Area: Neighbor Discovery. Vendor: Huawei. Software: eNSP. Platform: Quidway switches. A trunk interface often connects to a switch, router, AP, or voice terminal that can receive and send tagged and untagged frames simultaneously. It allows tagged frames from multiple VLANs anduntagged frames
DNS SECURITY OR HOW TO PROTECT USERS WITH CISCO UMBRELLA Protecting DNS, we do not allow undesired domains to transfer information to our users. Cisco Umbrella is a simple and powerful DNSsecurity.
PAGP CONFIGURATION (CISCO) PAgP configuration (Cisco) Technology: Switching. Area: Link aggregation. Vendor: Cisco. Software: 12.X , 15.X. Platform: Catalyst platforms. Port Aggregation Protocol (PAgP) is a Cisco proprietary protocol which is used for the automated, logical aggregation of Ethernet switch ports, known as an Ether Channel. There are two modesof PAgP:
CISCO ISE DEPLOYMENT MODELS Cisco ISE Deployment models. Path: Design. Technology: Network Security. Area: Access and Identity Management. Vendor: Cisco. Software: 1.X, 2.X. Platform: ISE Physical Appliance, ISE Virtual Appliance. Cisco Identity Services Engine helps to concentrate all enterprise network identity policies in one place. ISE is a point ofthe network where
SVI CONFIGURATION (CISCO) SVI configuration (Cisco) A Switched Virtual Interface (SVI) is routed interface in IOS representing the IP addressing space for particular VLAN connected to this interface. There is no physical interface for the VLAN and the SVI provides the Layer 3 processing for packets from CISCO ASA: UPGRADE AND BOOT Cisco ASA: Upgrade and Boot. Technology: Network Security. Area: Firewalls. Vendor: Cisco. Software: 8.X, 9.X. Platform: Cisco ASA. To upgrade ASA-OS first download new image to disk0: (flash) for example from ftp server. After downloading, list the disk directory and IOS UPGRADE VIA FTP (CISCO) Technology: Setup Area: Setup Vendor: Cisco Software: 12.X , 15.X, IP Base, IP Services, LAN Base, LAN Light Platform: Catalyst 2960-X, Catalyst 3560 The firmware is a program which controls the operation and functionality of the switch. This is a mixture of software and hardware that has program code and data stored in it for EXPLAINED: HOW DOES WIRELESS WORK? Wireless is a way of transporting signals without any wires or optic fibers. Signals propagate through free space in this case. Often, the term wireless, refers to wireless communication. This is a way of transferring information between devices that are not connected withwires.
CISCO SWITCH AND ISE UNIFIED PORT CONFIGURATION Cisco Switch and ISE unified port configuration. The one of main advantages of using central point of network access policy management (Cisco ISE) is possibility of keeping common access ports configuration across the network regardless location, switch type and users connected. To configure the switch to act as a radius client andport to be
DHCP CONFIGURATION ON A CISCO SWITCH Platform: Catalyst 2960, 3560, 3750, 3850, 3650, 4500, 6500, 6800, Router ISR, 7200, ASR. DHCP Server functionality can be enabled on switch where are SVI interfaces or physical Layer 3 interfaces enabled. Example shows how to set DHCP configuration on a server with subnet 192.168.10.0/24. !---- enable SVI -----. Switch (config)#interface VLAN10.
ACCESS PORT CONFIG (HUAWEI) Access port config (Huawei) An access port belongs to and carries the traffic of only one VLAN within 2-layer switch. Traffic is both received and sent in native formats with no VLAN tagging whatsoever. Anything arriving on an access port is simply assumed to belong to the VLAN assigned to the port.GRANDMETRIC
Grandmetric is an ITelco Next Generation Consulting company providing technical and business insights, technical trainings and advanced services specializing in WHAT IS CISCO FIREPOWER? THE INTRODUCTION The flagship firewall of Cisco – the Cisco ASA (Adaptive Security Appliance) and FirePOWER technology (the result acquision of Source Fire company by Cisco in 2013) lied down the foundation of “next generation firewall” line of products in Cisco’s portfolio: ASA FirePOWER Services. This next generation firewall is composed ofwidely
SPANNING TREE PROTOCOL (STP) CONFIGURATION The Spanning Tree Protocol (STP) is defined by IEEE standard 802.1D-1988. The STP generates a single spanning tree inside a network. Such mode proved to be useful for supporting applications and protocols in which frames are delivered out of sequence or as duplicates. The topology is named Spanning Tree, because it isconstructed as a
TRUNK PORT CONFIGURATION (CISCO) To restrict the link to carry only specified VLANs use the allowed vlan command. Switch (config)# interface GigabitEthernet 0/0/10. Switch (config-if)# switchport trunk allowed vlan 1,2,3,4. To verify how the trunk port is configured you can issue few show commands: Switch# show run interface GigabitEthernet 0/0/10. CISCO ISE DEPLOYMENT MODELS Cisco ISE Deployment models. Path: Design. Technology: Network Security. Area: Access and Identity Management. Vendor: Cisco. Software: 1.X, 2.X. Platform: ISE Physical Appliance, ISE Virtual Appliance. Cisco Identity Services Engine helps to concentrate all enterprise network identity policies in one place. ISE is a point ofthe network where
PAGP CONFIGURATION (CISCO) PAgP configuration (Cisco) Technology: Switching. Area: Link aggregation. Vendor: Cisco. Software: 12.X , 15.X. Platform: Catalyst platforms. Port Aggregation Protocol (PAgP) is a Cisco proprietary protocol which is used for the automated, logical aggregation of Ethernet switch ports, known as an Ether Channel. There are two modesof PAgP:
CISCO ASA: HOW TO ENABLE ASDM ACCESS TO ASA To configure ASDM (HTTP) access to Cisco ASA on particular interfaces, where core and management are the nameifs use following commands: ASA (config)#aaa authentication http console LOCAL. ASA (config)#http server enable. ASA (config)#http 0.0.0.0 0.0.0.0 core. Remember to create username, password to be able to authenticate to asdm: LACP MODE CONFIGURATION (CISCO) LACP configuration on Cisco switch. Link Aggregation Control Protocol IEEE 802.3ad (LACP) is an open standard of Ethernet link aggregation. CISCO ASA: SAME SECURITY LEVEL INTERFACE So how the rule number 1 applies? Traffic between equal security level interfaces is by default denied but you can change this behavior. To change this, use command: ASA#configure terminal. ASA (config)#same-security-traffic permit inter-interface. Above commands applies to traffic passing more than one interface (from on toanother).
CISCO ASA: SECURITY LEVEL AND NAMEIF You can think of it as a security zone thus give it the meaningful name as a best practice. To set the nameif and security level issue following commands: ASA#configure terminal. ASA (config)#interface GigabitEthernet0/0. ASA (config-if)#nameif outside. ASA (config-if)#security-level 10. ASA (config-if)#ip address 192.168.202.201 255.255.255.0.GRANDMETRIC
Grandmetric is an ITelco Next Generation Consulting company providing technical and business insights, technical trainings and advanced services specializing in WHAT IS CISCO FIREPOWER? THE INTRODUCTION The flagship firewall of Cisco – the Cisco ASA (Adaptive Security Appliance) and FirePOWER technology (the result acquision of Source Fire company by Cisco in 2013) lied down the foundation of “next generation firewall” line of products in Cisco’s portfolio: ASA FirePOWER Services. This next generation firewall is composed ofwidely
SPANNING TREE PROTOCOL (STP) CONFIGURATION The Spanning Tree Protocol (STP) is defined by IEEE standard 802.1D-1988. The STP generates a single spanning tree inside a network. Such mode proved to be useful for supporting applications and protocols in which frames are delivered out of sequence or as duplicates. The topology is named Spanning Tree, because it isconstructed as a
TRUNK PORT CONFIGURATION (CISCO) To restrict the link to carry only specified VLANs use the allowed vlan command. Switch (config)# interface GigabitEthernet 0/0/10. Switch (config-if)# switchport trunk allowed vlan 1,2,3,4. To verify how the trunk port is configured you can issue few show commands: Switch# show run interface GigabitEthernet 0/0/10. CISCO ISE DEPLOYMENT MODELS Cisco ISE Deployment models. Path: Design. Technology: Network Security. Area: Access and Identity Management. Vendor: Cisco. Software: 1.X, 2.X. Platform: ISE Physical Appliance, ISE Virtual Appliance. Cisco Identity Services Engine helps to concentrate all enterprise network identity policies in one place. ISE is a point ofthe network where
PAGP CONFIGURATION (CISCO) PAgP configuration (Cisco) Technology: Switching. Area: Link aggregation. Vendor: Cisco. Software: 12.X , 15.X. Platform: Catalyst platforms. Port Aggregation Protocol (PAgP) is a Cisco proprietary protocol which is used for the automated, logical aggregation of Ethernet switch ports, known as an Ether Channel. There are two modesof PAgP:
CISCO ASA: HOW TO ENABLE ASDM ACCESS TO ASA To configure ASDM (HTTP) access to Cisco ASA on particular interfaces, where core and management are the nameifs use following commands: ASA (config)#aaa authentication http console LOCAL. ASA (config)#http server enable. ASA (config)#http 0.0.0.0 0.0.0.0 core. Remember to create username, password to be able to authenticate to asdm: LACP MODE CONFIGURATION (CISCO) LACP configuration on Cisco switch. Link Aggregation Control Protocol IEEE 802.3ad (LACP) is an open standard of Ethernet link aggregation. CISCO ASA: SAME SECURITY LEVEL INTERFACE So how the rule number 1 applies? Traffic between equal security level interfaces is by default denied but you can change this behavior. To change this, use command: ASA#configure terminal. ASA (config)#same-security-traffic permit inter-interface. Above commands applies to traffic passing more than one interface (from on toanother).
CISCO ASA: SECURITY LEVEL AND NAMEIF You can think of it as a security zone thus give it the meaningful name as a best practice. To set the nameif and security level issue following commands: ASA#configure terminal. ASA (config)#interface GigabitEthernet0/0. ASA (config-if)#nameif outside. ASA (config-if)#security-level 10. ASA (config-if)#ip address 192.168.202.201 255.255.255.0. SPANNING TREE PROTOCOL (STP) CONFIGURATION The Spanning Tree Protocol (STP) is defined by IEEE standard 802.1D-1988. The STP generates a single spanning tree inside a network. Such mode proved to be useful for supporting applications and protocols in which frames are delivered out of sequence or as duplicates. The topology is named Spanning Tree, because it isconstructed as a
RIPNG - GRANDMETRIC
Currently the majority of vendors has started to implement the IPv6 addressing scheme, hence IPv6 routing protocols are required to provide the routing functionalities. There are numerous IPv6-capable routing protocols been developed, such as RIPng, EIGRPv6, and OSPFv3. RIPng (RIP for IPv6) is designed to provide routing functionalities for an IPv6-based network. It is the next PAGP CONFIGURATION (CISCO) PAgP configuration (Cisco) Technology: Switching. Area: Link aggregation. Vendor: Cisco. Software: 12.X , 15.X. Platform: Catalyst platforms. Port Aggregation Protocol (PAgP) is a Cisco proprietary protocol which is used for the automated, logical aggregation of Ethernet switch ports, known as an Ether Channel. There are two modesof PAgP:
SPAN PORT CONFIGURATION You’ll only need two commands to set up a SPAN port configuration. The first one is: Switch (config)#monitor session 1 source interface GigabitEthernet 0/1. The GE0/1 is the port that will be monitored and is also the one via which the Internet is accessed. The second commandis:
CISCO ASA: CISCO ANYCONNECT CONFIGURATION Software: CISCO ADAPTIVE SECURITY APPLIANCE (ASA) , ASA-OS. Platform: CISCO ASA 5500, 5500-X. Cisco Anyconnect Secure Mobility Client is software user-friendly application which creates VPN tunnel with VPN head end. Anyconnet by default uses SSL protocol to encrypt packets (can use also ikev2 / IPSec protocols). 1. DMVPN PHASE 1 SINGLE HUB Packet is sent from Spoke1 to Spoke2 network via Hub (according to routing table) Spoke1 has this prefix via HUB tunnel IP for which has also NHRP static mapping. Hub routes packet to Spoke2 according to routing table via tunnel. DMVPN Phase 1 and EIGRP: Configure spokes as a stubs. Advertise their connected routes. SD-WAN OVERLAY MANAGEMENT PROTOCOL (OMP) The Overlay Management Protocol (OMP) is the protocol responsible for establishing and maintaining the Cisco SD-WAN control plane. It provides the following services: Orchestration of overlay network communication, including connectivity among network sites, service chaining, and VPN topologies. Distribution of service-level routinginformation
ALLOW ONLY SSH TO DEVICE (CISCO) Allow only SSH to device (Cisco) Secure Shell (SSH) is a protocol used when one wants to have vides a secure remote access connection to network devices. Communication between the client and server is encrypted in both SSH version 1 and SSH version 2. Implement SSH version 2 when possible because it uses a more enhanced securityencryption
SVI CONFIGURATION (CISCO) SVI configuration (Cisco) A Switched Virtual Interface (SVI) is routed interface in IOS representing the IP addressing space for particular VLAN connected to this interface. There is no physical interface for the VLAN and the SVI provides the Layer 3 processing for packets from CISCO SWITCH AND ISE UNIFIED PORT CONFIGURATION Cisco Switch and ISE unified port configuration. The one of main advantages of using central point of network access policy management (Cisco ISE) is possibility of keeping common access ports configuration across the network regardless location, switch type and users connected. To configure the switch to act as a radius client andport to be
GRANDMETRIC
Grandmetric is an ITelco Next Generation Consulting company providing technical and business insights, technical trainings and advanced services specializing in WHAT IS CISCO FIREPOWER? THE INTRODUCTION The flagship firewall of Cisco – the Cisco ASA (Adaptive Security Appliance) and FirePOWER technology (the result acquision of Source Fire company by Cisco in 2013) lied down the foundation of “next generation firewall” line of products in Cisco’s portfolio: ASA FirePOWER Services. This next generation firewall is composed ofwidely
SPANNING TREE PROTOCOL (STP) CONFIGURATION The Spanning Tree Protocol (STP) is defined by IEEE standard 802.1D-1988. The STP generates a single spanning tree inside a network. Such mode proved to be useful for supporting applications and protocols in which frames are delivered out of sequence or as duplicates. The topology is named Spanning Tree, because it isconstructed as a
TRUNK PORT CONFIGURATION (CISCO) To restrict the link to carry only specified VLANs use the allowed vlan command. Switch (config)# interface GigabitEthernet 0/0/10. Switch (config-if)# switchport trunk allowed vlan 1,2,3,4. To verify how the trunk port is configured you can issue few show commands: Switch# show run interface GigabitEthernet 0/0/10. CISCO ISE DEPLOYMENT MODELS Cisco ISE Deployment models. Path: Design. Technology: Network Security. Area: Access and Identity Management. Vendor: Cisco. Software: 1.X, 2.X. Platform: ISE Physical Appliance, ISE Virtual Appliance. Cisco Identity Services Engine helps to concentrate all enterprise network identity policies in one place. ISE is a point ofthe network where
PAGP CONFIGURATION (CISCO) PAgP configuration (Cisco) Technology: Switching. Area: Link aggregation. Vendor: Cisco. Software: 12.X , 15.X. Platform: Catalyst platforms. Port Aggregation Protocol (PAgP) is a Cisco proprietary protocol which is used for the automated, logical aggregation of Ethernet switch ports, known as an Ether Channel. There are two modesof PAgP:
CISCO ASA: HOW TO ENABLE ASDM ACCESS TO ASA To configure ASDM (HTTP) access to Cisco ASA on particular interfaces, where core and management are the nameifs use following commands: ASA (config)#aaa authentication http console LOCAL. ASA (config)#http server enable. ASA (config)#http 0.0.0.0 0.0.0.0 core. Remember to create username, password to be able to authenticate to asdm: LACP MODE CONFIGURATION (CISCO) LACP configuration on Cisco switch. Link Aggregation Control Protocol IEEE 802.3ad (LACP) is an open standard of Ethernet link aggregation. CISCO ASA: SAME SECURITY LEVEL INTERFACE So how the rule number 1 applies? Traffic between equal security level interfaces is by default denied but you can change this behavior. To change this, use command: ASA#configure terminal. ASA (config)#same-security-traffic permit inter-interface. Above commands applies to traffic passing more than one interface (from on toanother).
CISCO ASA: SECURITY LEVEL AND NAMEIF You can think of it as a security zone thus give it the meaningful name as a best practice. To set the nameif and security level issue following commands: ASA#configure terminal. ASA (config)#interface GigabitEthernet0/0. ASA (config-if)#nameif outside. ASA (config-if)#security-level 10. ASA (config-if)#ip address 192.168.202.201 255.255.255.0.GRANDMETRIC
Grandmetric is an ITelco Next Generation Consulting company providing technical and business insights, technical trainings and advanced services specializing in WHAT IS CISCO FIREPOWER? THE INTRODUCTION The flagship firewall of Cisco – the Cisco ASA (Adaptive Security Appliance) and FirePOWER technology (the result acquision of Source Fire company by Cisco in 2013) lied down the foundation of “next generation firewall” line of products in Cisco’s portfolio: ASA FirePOWER Services. This next generation firewall is composed ofwidely
SPANNING TREE PROTOCOL (STP) CONFIGURATION The Spanning Tree Protocol (STP) is defined by IEEE standard 802.1D-1988. The STP generates a single spanning tree inside a network. Such mode proved to be useful for supporting applications and protocols in which frames are delivered out of sequence or as duplicates. The topology is named Spanning Tree, because it isconstructed as a
TRUNK PORT CONFIGURATION (CISCO) To restrict the link to carry only specified VLANs use the allowed vlan command. Switch (config)# interface GigabitEthernet 0/0/10. Switch (config-if)# switchport trunk allowed vlan 1,2,3,4. To verify how the trunk port is configured you can issue few show commands: Switch# show run interface GigabitEthernet 0/0/10. CISCO ISE DEPLOYMENT MODELS Cisco ISE Deployment models. Path: Design. Technology: Network Security. Area: Access and Identity Management. Vendor: Cisco. Software: 1.X, 2.X. Platform: ISE Physical Appliance, ISE Virtual Appliance. Cisco Identity Services Engine helps to concentrate all enterprise network identity policies in one place. ISE is a point ofthe network where
PAGP CONFIGURATION (CISCO) PAgP configuration (Cisco) Technology: Switching. Area: Link aggregation. Vendor: Cisco. Software: 12.X , 15.X. Platform: Catalyst platforms. Port Aggregation Protocol (PAgP) is a Cisco proprietary protocol which is used for the automated, logical aggregation of Ethernet switch ports, known as an Ether Channel. There are two modesof PAgP:
CISCO ASA: HOW TO ENABLE ASDM ACCESS TO ASA To configure ASDM (HTTP) access to Cisco ASA on particular interfaces, where core and management are the nameifs use following commands: ASA (config)#aaa authentication http console LOCAL. ASA (config)#http server enable. ASA (config)#http 0.0.0.0 0.0.0.0 core. Remember to create username, password to be able to authenticate to asdm: LACP MODE CONFIGURATION (CISCO) LACP configuration on Cisco switch. Link Aggregation Control Protocol IEEE 802.3ad (LACP) is an open standard of Ethernet link aggregation. CISCO ASA: SAME SECURITY LEVEL INTERFACE So how the rule number 1 applies? Traffic between equal security level interfaces is by default denied but you can change this behavior. To change this, use command: ASA#configure terminal. ASA (config)#same-security-traffic permit inter-interface. Above commands applies to traffic passing more than one interface (from on toanother).
CISCO ASA: SECURITY LEVEL AND NAMEIF You can think of it as a security zone thus give it the meaningful name as a best practice. To set the nameif and security level issue following commands: ASA#configure terminal. ASA (config)#interface GigabitEthernet0/0. ASA (config-if)#nameif outside. ASA (config-if)#security-level 10. ASA (config-if)#ip address 192.168.202.201 255.255.255.0. SPANNING TREE PROTOCOL (STP) CONFIGURATION The Spanning Tree Protocol (STP) is defined by IEEE standard 802.1D-1988. The STP generates a single spanning tree inside a network. Such mode proved to be useful for supporting applications and protocols in which frames are delivered out of sequence or as duplicates. The topology is named Spanning Tree, because it isconstructed as a
RIPNG - GRANDMETRIC
Currently the majority of vendors has started to implement the IPv6 addressing scheme, hence IPv6 routing protocols are required to provide the routing functionalities. There are numerous IPv6-capable routing protocols been developed, such as RIPng, EIGRPv6, and OSPFv3. RIPng (RIP for IPv6) is designed to provide routing functionalities for an IPv6-based network. It is the next PAGP CONFIGURATION (CISCO) PAgP configuration (Cisco) Technology: Switching. Area: Link aggregation. Vendor: Cisco. Software: 12.X , 15.X. Platform: Catalyst platforms. Port Aggregation Protocol (PAgP) is a Cisco proprietary protocol which is used for the automated, logical aggregation of Ethernet switch ports, known as an Ether Channel. There are two modesof PAgP:
SPAN PORT CONFIGURATION You’ll only need two commands to set up a SPAN port configuration. The first one is: Switch (config)#monitor session 1 source interface GigabitEthernet 0/1. The GE0/1 is the port that will be monitored and is also the one via which the Internet is accessed. The second commandis:
CISCO ASA: CISCO ANYCONNECT CONFIGURATION Software: CISCO ADAPTIVE SECURITY APPLIANCE (ASA) , ASA-OS. Platform: CISCO ASA 5500, 5500-X. Cisco Anyconnect Secure Mobility Client is software user-friendly application which creates VPN tunnel with VPN head end. Anyconnet by default uses SSL protocol to encrypt packets (can use also ikev2 / IPSec protocols). 1. DMVPN PHASE 1 SINGLE HUB Packet is sent from Spoke1 to Spoke2 network via Hub (according to routing table) Spoke1 has this prefix via HUB tunnel IP for which has also NHRP static mapping. Hub routes packet to Spoke2 according to routing table via tunnel. DMVPN Phase 1 and EIGRP: Configure spokes as a stubs. Advertise their connected routes. SD-WAN OVERLAY MANAGEMENT PROTOCOL (OMP) The Overlay Management Protocol (OMP) is the protocol responsible for establishing and maintaining the Cisco SD-WAN control plane. It provides the following services: Orchestration of overlay network communication, including connectivity among network sites, service chaining, and VPN topologies. Distribution of service-level routinginformation
ALLOW ONLY SSH TO DEVICE (CISCO) Allow only SSH to device (Cisco) Secure Shell (SSH) is a protocol used when one wants to have vides a secure remote access connection to network devices. Communication between the client and server is encrypted in both SSH version 1 and SSH version 2. Implement SSH version 2 when possible because it uses a more enhanced securityencryption
SVI CONFIGURATION (CISCO) SVI configuration (Cisco) A Switched Virtual Interface (SVI) is routed interface in IOS representing the IP addressing space for particular VLAN connected to this interface. There is no physical interface for the VLAN and the SVI provides the Layer 3 processing for packets from CISCO SWITCH AND ISE UNIFIED PORT CONFIGURATION Cisco Switch and ISE unified port configuration. The one of main advantages of using central point of network access policy management (Cisco ISE) is possibility of keeping common access ports configuration across the network regardless location, switch type and users connected. To configure the switch to act as a radius client andport to be
×
SEARCH
Toggle navigation
* Home
* Training
* Services
* Networking
* Cisco Systems Offering* VMware Networking
* SD-WAN Delivery
* Software-Defined Networks * Enterprise Wireless * Wireless Design & Planning * Wireless site survey* Infrastructure
* Storage Solutions
* Software-Defined Data Center* Disaster Recovery
* Managed Services
* Operations Center (NOC) * Network Monitoring* Managed WiFi
* Managed LAN
* Cloud Services
* Microsoft Office 365 Cloud * Microsoft Azure Migrations * Hybrid Active Directory* Consulting
* Professional Pre-Sales* IoT Engineering
* Education Content Delivery* 5G Consulting
* IT Licensing & Audits* Knowledge Base
* Research
* Design & Config
* Glossary
* E-learning
* Company
* About us
* Careers
* Expertise
* Our team
* News
* Blog
* Contact
Schedule a free product or technology session with GrandmetricEngineer
schedule a video call×
SCHEDULE A VIDEO CALL I give my consent for processing my personal data in order to complete the process of arranging a video meetingSend
To see how we handle with personal details check out Privacy Policy.
SD-WAN Delivery
Optimize WAN costs, build SD-WAN overlayRead More
NOC Follow-The-Sun
IT infrastructure monitoring & operationsRead More
TECHNOLOGY STRATEGY
Let's talk about SD-WAN, Wireless, Cloud or Infrastructure AutomationRead More
First SD-WAN in Poland Read about Cisco SD-WAN implementation for Pfeifer & Langen PolskaDownload Case Study
Cisco HyperFlex
Meet Cisco hyperconvergence technologyRead More
SD-WAN Delivery
Optimize WAN costs, build SD-WAN overlayRead More
NOC Follow-The-Sun
IT infrastructure monitoring & operationsRead More
TECHNOLOGY STRATEGY
Let's talk about SD-WAN, Wireless, Cloud or Infrastructure AutomationRead More
First SD-WAN in Poland Read about Cisco SD-WAN implementation for Pfeifer & Langen PolskaDownload Case Study
Cisco HyperFlex
Meet Cisco hyperconvergence technologyRead More
SD-WAN Delivery
Optimize WAN costs, build SD-WAN overlayRead More
NEWS & BLOG
03.2020
Grandmetric to establish VMware Professional Partnership We're glad to inform that Grandmetric and VMware established professional level partnership. VMware is a global provider of virtualization and data center solutions including hypervisors (widely known #ESXi), multi-cloud networking with its #NSX and virtual desktop infrastructure #VDI #Horizon to name a few.read more
02.2020
Grandmetric named Cisco Hyperflex Authorized Partner Congratulations to GRANDMETRIC for meeting the Authorization program requirements necessary to earn the designation of Cisco Hyperflex Authorization in the POLAND. In recognition of this achievement, Cisco will feature your company as having achieved the HyperFlex Authorization designation in Cisco Partner Locator.read more
01.2020
Wi-Fi issues: site-surveys and troubleshooting Recently, we've been doing numerous site surveys and verification of Wi-Fi deployments in offices with more than 50APs per office in a managed setup (meaning that the APs are under the supervision of a wireless controller). In this post, I'd like to sketch an overview of the encountered issues and improvement suggestions.read more
01.2020
Grandmetric to partner with NetApp Storage solutions With the beginning of the year we have great news. Grandmetric has met all requirements to achieve Gold Partnership from NetApp . NetApp is a global leader in high-end storage and hybrid-cloud solutions. Our team as a Gold Partner team is now able to quote the comprehensive end-to-end solution and Systems Engineers are ready to help in designing and implementing enterprise-class storage for DCs of ourclients.
read more
HOW WE CAN HELP YOU?SD-WAN
Delivery & migrationsLearn more
NOC 24/7/365
Monitor & automate IT infrastructureLearn more
DESIGN & TRANSFORM
Network, DC, Office365, CloudLearn more
START
an IoT Project
Learn more
PROVIDE
future networks consultationLearn more
TRAIN
me or my team
Learn more
FEATURING
Enterprise Wireless - An Insight Into Different Wi-Fi AspectsTYPE: Guidepaper
Our latest Guidepaper we aim to provide a detailed insight into the world of enterprise wireless covering different aspects such as: the Wi-Fi technologies (and evolution), security mechanisms available, along with associated parameters involved in configuring and measurements involved in troubleshooting such a network. Also, note that this Guidepaper's contents are based on our unique "Enterprise Wireless Advanced" Course, discussion of which you can also findinside.
download
Internet-of-Things - An Excursion Through the Selected IoTTechnologies
TYPE: Guidepaper
This Guidepaper provides a detailed overview of Cellular IoT concept followed by an overview of the current technologies such as NB-IoT,eMTC etc.
download
Overview of Next Generation Firewall Security Products - Medium ScaleEnterprise
TYPE: Guidepaper
This Guidepaper discusses the various Next Generation Firewall products available in the market that can be utilized for Medium scaleenterprise.
download
TECHNOLOGIES
Grandmetric is an IT Next Generation Systems integration company helping clients with their IT transformation, infrastructure automation, LAN, WiFi, SD-WAN & SDN delivery. Fast growing Grandmetric team is becoming also a referal point in Cloud migrations and DC Stack management with their Storage, OS and virtualization experience. Grandmetric provides technical insights along with technical trainings in areas of expertise. Latest projects cover also IoT subjects R&D in the area of IoT backend development, big data analysis and monitoring. Based on above experience in production systems maintenance, new division – Grandmetric Managed Services (GMS) maintaining IT infrastructure of corporates & globally present customers is available for demanding IT environments.ENTERPRISE NETWORKS
There are huge range of technology aspects covering modern enterprises requirements. Starting with fundamental LAN and WAN connectivity, Internet Edge, Data Centers, mobility, collaboration, DC and Security and ending with the latest Software Defined Networks, Cloud directions, CIO’s, IT Managers, IT specialists might be confused which way to go. Grandmetric with their expertise, enterprise experience and research division helps enterprises to transform. Our latest activities cover SD-WAN transformations, WiFi troubleshooting and re-designs, IT Infrastructure automation (Jenkins, Ansible, Git, conainers), DevOps culture building.Training
Knowledge base
WIRELESS SYSTEMS
Mobile networks have been in spotlight since the introduction of LTE, back in 2009. Since then, there has been significant growth in mobile network technology at a very fast pace which includes introduction of Small Cells & Heterogeneous Networks (HetNets), Internet-of-Things (IoT), Self-Organizing Networks (SON), virtualization and 5G. Check how Grandmetric can help you to understand latest radio trends and to decide in future investments in technology.Knowledge base
INTERNET OF THINGS
IoT is a buzzword that everybody uses nowadays. You have probably heard about devices talking to other devices and servers and applications through Internet without human involvements. You have also probably heard about ideas like, smart city, smart parking, smart factory, smart house, etc. We are going beyond the hype and design, prototype and deploy such systems in practice with an example of “Souly” – a smart building solution with massive number of sensors, actuators and gateways connected to realize customers’ requirements such like energy savings. Ask Us about Internet of Thins aspects like: MQTT brokers, processing stacks, MQTT over SSL transmission, dockers, big data monitoring, highly efficient databases, API development, automation and multitenancy.IoT Engineering
Souly Website
NETWORK SECURITY
Confidentiality of data, importance of service continuity and consistently growing online business makes Security number one topic in IT business. There are many approaches, products, visions and vendors that address some security challenges. Due to the research, analysis and comparative studies done by our team with strong security background and experience we know how to choose the best path to secure your network and services.Training
Knowledge base
FOUNDERS
Board Member | Advisory ArchitectMarcin Bialy
Board Member | Advisory Architect Marcin is a Head of IP & Security areas in Grandmetric. He conducts Grandmetric authorized training and is heading research in IP and Network Security areas. Acting as a Board Member defines company’sstrategy .
Principal Consultant | Wireless Systems Architect Marcin Dryjanski, Ph.D. Principal Consultant | Wireless Systems Architect Marcin is leading the mobile communications field in Grandmetric. He is responsible for technical consulting and research in the wirelessarea.
CLIENTS & PARTNERS
TESTIMONIALS
Marcin is a very knowledgeable Principal Consultant in 5G / Wireless research technologies. He has a great attitude and is helpful, humble and friendly. I am sure with his all round business knowledge he will make a success of Grandmetric, good luck Marcin!Nick Bailey
Head Connected World The usual, thorough, 5G materials we are by now used to receive from Grandmetric. Thank you very much for always sharing insightful info. Ramses Rodríguez Ferguson Consultant & 3GPP RAN SME, Panamá Very interesting training, professionally prepared. The teacher was with solid technical knowledge and, what’s even more important, with experience in implementation of big projects. I sincerely recommend and would happily take part again.Marcin Berkowicz
Network Administrator, Allegro Group I see your knowledge and experience is top stuffBrian Parsons
CEO & Founder Telecom Forensics Equipment Marcin is a very knowledgeable Principal Consultant in 5G / Wireless research technologies. He has a great attitude and is helpful, humble and friendly. I am sure with his all round business knowledge he will make a success of Grandmetric, good luck Marcin!Nick Bailey
Head Connected World The usual, thorough, 5G materials we are by now used to receive from Grandmetric. Thank you very much for always sharing insightful info. Ramses Rodríguez Ferguson Consultant & 3GPP RAN SME, Panamá Very interesting training, professionally prepared. The teacher was with solid technical knowledge and, what’s even more important, with experience in implementation of big projects. I sincerely recommend and would happily take part again.Marcin Berkowicz
Network Administrator, Allegro Group I see your knowledge and experience is top stuffBrian Parsons
CEO & Founder Telecom Forensics EquipmentNEWSLETTER
Network & Wireless Newsletter. Subscribe and... Stay Connected!Sign Up
Yes
No
I hereby agree to receive information about the trainings offer from Grandmetric Sp. z o.o. by the electronic means. To see how we handle with personal details check out Privacy Policy.
GRANDMETRIC
ul. Garncarska 9 (3rd floor) 61-817 Poznań, Poland info@grandmetric.comContact form
Home Privacy policyTerms & Conditions
Contact
March
January
February
March
April
May
June
July
August
September
October
November
December
__
2020
1950
1951
1952
1953
1954
1955
1956
1957
1958
1959
1960
1961
1962
1963
1964
1965
1966
1967
1968
1969
1970
1971
1972
1973
1974
1975
1976
1977
1978
1979
1980
1981
1982
1983
1984
1985
1986
1987
1988
1989
1990
1991
1992
1993
1994
1995
1996
1997
1998
1999
2000
2001
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
2025
2026
2027
2028
2029
2030
2031
2032
2033
2034
2035
2036
2037
2038
2039
2040
2041
2042
2043
2044
2045
2046
2047
2048
2049
2050
__
SUN
MON
TUE
WED
THU
FRI
SAT
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
1
2
3
4
00:00
01:00
02:00
03:00
04:00
05:00
06:00
07:00
08:00
09:00
10:00
11:00
12:00
13:00
14:00
15:00
16:00
17:00
18:00
19:00
20:00
21:00
22:00
23:00
This site uses cookies to make our site work better. Read moreI accept
Details
Copyright © 2023 ArchiveBay.com. All rights reserved. Terms of Use | Privacy Policy | DMCA | 2021 | Feedback | Advertising | RSS 2.0